United States Patent [19]

Abraham et al.

[54] TRANSACTION SYSTEM SECURITY METHOD AND APPARATUS

[75] Inventors: Dennis G. Abraham, Concord; Steven G. Aden, Charlotte; Todd W. Arnold, Charlotte; Steven W. Neckyfarow, Charlotte; William S. Rohland, Charlotte, all of N.C.

[73] Assignee: International Business Machines Corporation, Armonk, N.Y.

[21] Appl. No.: 723,875

[22] Filed: Jul. 1, 1991

Related U.S. Application Data

[62] Division of Ser. No. 418,068, Oct. 6, 1989, Pat. No. 5,048,085.

[51] Int. Cl. H04L 9/00

[52] U.S. Cl. 380/46; 364/224.21; 364/717; 331/78

[58] Field of Search 380/46; 364/224.21, 364/717; 331/78

US005148481A

[11] Patent Number: 5,148,481
[45] Date of Patent: Sep. 15, 1992

[56] References Cited

U.S. PATENT DOCUMENTS

4,193,131 3/1980 Lennon et al. 375/2

4,231,113 10/1980 Blasbalg 364/717

4,493,046 1/1985 Watanabe 364/717

4,799,061 1/1989 Abraham et al. 340/825.34

Primary Examiner — Thomas H. Tarcza

Assistant Examiner — David Cain

Attorney, Agent, or Firm — Karl O. Hesse, Sr.

[57] ABSTRACT

An improved security system is disclosed which uses an IC card to enhance the security functions involving component authentication, user verification, user authorization and access control, protection of message secrecy and integrity, management of cryptographic keys, and auditability. Both the security method and the apparatus for embodying these functions across a total system or network using a common cryptographic architecture are disclosed. Authorization to perform these functions in the various security component device nodes in the network can be distributed to the various nodes at which they will be executed in order to personalize the use of the components.

2 Claims, 15 Drawing Sheets

TRANSACTION SYSTEM SECURITY METHOD AND APPARATUS

This is a divisional of co-pending application Ser. No. 07/418,068 filed on Oct. 6, 1989 now U.S. Pat. No. 5,048,085 filed on Sep. 10, 1991.

BACKGROUND OF THE INVENTION

1. Technical Field

This invention relates to security for networks including computer terminals and portable personal data carriers such as IC cards, sometimes called smart cards or chip cards, having an onboard computer and electronic memory for storing data and processing commands.

2. Description of the Prior Art

The use of identification cards having computing power and memory built into the card has been described in the technical literature for some time. Examples are U.S. Pat. Nos. 4,211,919 to Ugon, and 3,702,464 to Castrucci. A disadvantage of known prior art IC cards that use electrically erasable programmable read only memory (EEPROM) is that the life of an EEPROM is defined by the number of write cycles (e.g., 10,000) before a write failure occurs. Accordingly, the usable life of an IC card using the memory is also limited.

On-card security protection is taught by U.S. Pat. No. 4,816,653. Security is provided in this prior art teaching by having multiple levels of user authorization. Access to a command and to data depends upon who is the current holder of the card, the authority level required to execute a command, and on password data protection contained in the header of each data file.

While providing significantly better user authority checking and security than provided by magnetic stripe identification cards, the above referenced IC cards operate primarily as only semi-intelligent peripheral memory devices. That is to say, the cards respond to read and write command primitives from the workstation, and provide data or record data if the password of the person at the workstation indicates that the person has the authority to perform the requested command. Further, the interface to the prior art IC cards is not well defended. An attack can be made by monitoring the interface while passwords are transferred to or from the card.

Also, the security systems in use with IC cards of the prior art are of a fixed architecture and not easily adapted to differing applications from point of sale to social security or other as of yet unidentified applications. Likewise, when each decision must be referred to the card for processing, a significant number of binary, yes/no responses are provided by the card which may expose the card to attack by unscrupulous persons.

SUMMARY OF THE INVENTION

In accordance with the invention, a highly flexible and secure identification IC card and a distributed authorization system are provided. The invention provides an integrated set of system security capabilities, utilizing the improved identification card of the invention to enhance system component authentication, user identity verification, user authorization and access control, message privacy and integrity protection, cryptographic key management, and transaction logging for audit purposes.

A security system using the invention embodies user authorization in the form of several independent profiles, configurable and programmable by the application owner subsequent to the manufacture of the IC card. Required conditions for the execution of each command are individually programmable by the application owner, using command configuration data. Access to a command is controlled by the content of a user's authorization profile in conjunction with the command configuration data for the requested command.

The user profiles may be downloaded into other security devices in the system for the purpose of controlling use of commands, files, and programs in system component devices, in addition to the IC card itself. The downloaded profile temporarily replaces the authorization profile already active in the other device.

The device command configuration data is not downloaded. The downloaded user authorization profile defines the user's security level and authorizations, while the device command configuration data defines the authorization required by that device to execute a requested command in that device. The same or different commands in other devices to which the user's authorization profile is transferred may have greater or lesser security requirements defined in their command configurations.

The cryptographic keys associated with file and program authorization flag bits in the user authorization profiles that are downloaded into other security system components of an intelligent workstation or other computer facility, control access to files and programs in that workstation or computer facility.

The command set of the IC card is not fixed. Through use of tables and additional microcode, loaded into the electrically alterable programmable read only memory (EEPROM), new commands can be added to the command set, or existing commands can be replaced with updated versions. Control can also be passed to added microcode in the EEPROM at specific critical points in the IC card supervisor microcode, including initialization, communications, and authorization checking.

The definition of data storage blocks in nonvolatile memory and the read/write access to those data blocks are controlled by security and control information including access prerequisites, stored in the header of each data block in conjunction with the current user's authorization profile.

The life of the EEPROM in the IC card is defined by the number of write cycles (e.g., 10,000) before any write failure occurs. For applicable functions, data is written into the memory in such a way as to optimize the total life of the IC card by spreading write cycles across many different storage locations.

DESCRIPTION OF THE DRAWINGS

FIG. 1 is a view of the security component devices of the system of the invention.

FIG. 2 is a more detailed block diagram of the IC card of the invention.

FIG. 3 is a block diagram of the circuits of the IC card read write unit.

FIG. 4 is a block diagram of the circuits of the cryptographic adapter card.

FIG. 5 is a block diagram of the software and hardware security components in a workstation.

FIG. 6 is a block diagram of the software and hardware security components of the security processor.

FIG. 7 is a high level flow diagram of authorization checking to execute a command.

FIG. 8 shows content of the user profile and command configuration data tables.

FIG. 9 is a more detailed flow chart of the authorization checking of FIG. 7.

FIG. 10 is a command decode flow diagram.

FIG. 11 shows the structure of data blocks in the memory of the IC card, according to the invention.

FIG. 12 is a summary of the commands for most of the security devices in the network of the invention.

FIG. 13 shows how encryption keys are distributed.

FIG. 14 shows two offline work station logon methods.

FIG. 15 shows an online work station logon method.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENT

Referring now to FIG. 1, the security component devices are shown in a network environment in which they find utility. The heart of such a network is a host computer 11 which usually will be connected via telecommunication lines to other host computers which are not shown. Host computer 11 performs all the usual data processing tasks for which it is programmed and, in addition, executes the network security processor support program which is the interface between the network security processor 13 and the host computer 11. The network security processor 13 is a small computer which may embody personal computer architecture. Processor 13 may have a display 15, as well as an IC card read write unit 17, according to the invention, and an IC card 19 embodying the invention. Processor 13 operates to provide the interface for the host computer requests for cryptographic and other security functions and directs the requests to an internal cryptographic adapter card 29.

Communication between host computer 11 and work stations is provided by either direct attach or through a communications concentrator 21. Concentrator 21 is in turn connected to one or more work stations 23 and 25 which may operate together on a local area network. Each workstation will have a keyboard and display and optionally may have a card read write unit 17 for reading and writing information to an IC card 19. In addition, reader 17 may have a signature verification pen 27 for use in capturing the acceleration and pressure dynamics while a holder of card 19 is signing a signature. Processor 13 and work stations 23, 25 may also have a cryptographic adapter card 29 installed into their computer bus. Card 29 has thereon a shielded module 31 which is secure from physical and electrical attempts to read or modify information stored in the memory in module 31.

Each device has the capability to establish a secure session with any of the other devices, or with a remote device which is capable of supporting the secure session establishment protocol. In order for two devices to establish a secure session, they must each contain an identical key encrypting key. This requirement guarantees that unauthorized devices cannot establish secure sessions with each other. A result of the secure session process is the establishment of a randomly derived cryptographic session key known to both devices. Neither the session key nor any other secret data is divulged on the interface between the devices during the session establishment process.

Multiple configurations of system security component devices at the intelligent workstation (IWS) are considered in the system of the invention.

The IWS may utilize only the cryptographic adapter card 29, into which user authorization profiles are downloaded from the host computer and in which high-speed cryptographic functions such as application program encryption are performed. User identification in such an IWS would be accomplished via password entry at the IWS keyboard.

An IWS, utilized primarily in an off-line environment, may have only the IC card read/write unit and the IC card. In this configuration, user identification is effected by entering a PIN on the read/write unit, verification taking place within the user's IC card. The user's authorization profile may be used to control functions performed in the IC card or may be downloaded into the IC card read/write unit to control its functions.

A third configuration, comprising the cryptographic adapter 29, the IC card read/write unit and the IC card, provides all of the functions of the first two configurations. Additionally, it allows the user's authorization profile to be downloaded from the IC card to the cryptographic adapter. A fourth IWS configuration adds to the third configuration the signature verification pen 37, attached to the read/write unit, thereby providing user verification either via PIN or signature dynamics.

FIG. 2 is a more detailed block diagram of the electrical circuits of IC card 19. In FIG. 2, the central processing unit 41 communicates via physical contact with card reader 17 through input/output circuits 43. Connected to the computer bus of CPU 41 are random access memory 45, read/only memory 47 and electrically erasable, programmable read/only memory 49.

A number of requests to the IC card require a boolean response in which the response can have only one of two values. For the purposes of this description, the two values are referred to as TRUE and FALSE. A secure method is used by the programs in the IC card of FIG. 2 to communicate this response.

The method has two very desirable attributes: First, the response is kept secret. Even if the response data is read from the IC card interface, the boolean value of the message cannot be determined. Secondly, if the message is tampered with, as by an adversary who intercepts the message and inserts his own replacement, the act will be detected.

The response is secured through the following cryptographic operation:

1. The requestor generates an eight byte random number, encrypts it under the session key, and sends it to the IC card as part of the request message.

2. The IC card decrypts the random number. If the response value is TRUE, the random number is incremented by one. If the response value is FALSE, the random number is instead incremented by two.

3. The smart card re-encrypts the incremented number under the session key and sends it in the data field of the response message.

4. The requestor decrypts the data, and compares it with the random number he originally sent. If the number is one greater than his original random number, the response is TRUE. If the number is two greater, the response is FALSE. If the number has any other value, the response has been tampered with and is invalid.
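
The four-step exchange above, written out as an added example (it is not code from the patent). XTEA stands in for the cipher used under the session key, which this passage does not name; the keys and random numbers are constructed, all function names are hypothetical, and the addition is assumed to wrap modulo 2^64.

```c
#include <stdint.h>
#include <stdio.h>

/* XTEA (64-bit block, 128-bit key) is a stand-in: this passage does not name
   the cipher used under the session key. decrypt != 0 runs the inverse. */
static uint64_t xtea(uint64_t block, const uint32_t k[4], int decrypt)
{
    uint32_t v0 = (uint32_t)(block >> 32), v1 = (uint32_t)block;
    const uint32_t delta = 0x9E3779B9u;
    uint32_t sum = decrypt ? delta * 32u : 0u;
    for (int i = 0; i < 32; i++) {
        if (decrypt) {
            v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
            sum -= delta;
            v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        } else {
            v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
            sum += delta;
            v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
        }
    }
    return ((uint64_t)v0 << 32) | v1;
}

typedef enum { RESP_TRUE, RESP_FALSE, RESP_INVALID } response_t;

/* Step 1 (requestor): encrypt the 8-byte random number for the request. */
uint64_t requestor_challenge(uint64_t random_number, const uint32_t key[4])
{
    return xtea(random_number, key, 0);
}

/* Steps 2 and 3 (IC card): decrypt, add 1 for TRUE or 2 for FALSE, re-encrypt.
   Assumption: the addition wraps modulo 2^64 near the maximum value. */
uint64_t card_response(uint64_t challenge, int answer, const uint32_t key[4])
{
    uint64_t n = xtea(challenge, key, 1);
    n += answer ? 1u : 2u;
    return xtea(n, key, 0);
}

/* Step 4 (requestor): decrypt and compare with the number originally sent. */
response_t requestor_verify(uint64_t response, uint64_t random_number,
                            const uint32_t key[4])
{
    uint64_t diff = xtea(response, key, 1) - random_number;  /* modulo 2^64 */
    if (diff == 1) return RESP_TRUE;
    if (diff == 2) return RESP_FALSE;
    return RESP_INVALID;
}

/* Constructed sample values; a real requestor draws a fresh number per request. */
static const uint32_t KEY[4]   = { 0x01234567u, 0x89ABCDEFu, 0xFEDCBA98u, 0x76543210u };
static const uint32_t OTHER[4] = { 0x0BADC0DEu, 0x0BADC0DEu, 0x0BADC0DEu, 0x0BADC0DEu };
#define NONCE_A 0x1122334455667788ULL
#define NONCE_B 0x99AABBCCDDEEFF00ULL

/* One full exchange; card_key lets the card hold a different key than KEY. */
response_t exchange(uint64_t nonce, int answer, const uint32_t card_key[4])
{
    uint64_t request = requestor_challenge(nonce, KEY);
    return requestor_verify(card_response(request, answer, card_key), nonce, KEY);
}

/* A response recorded during one request, presented for a later request. */
response_t replay_old_response(void)
{
    uint64_t old = card_response(requestor_challenge(NONCE_A, KEY), 1, KEY);
    return requestor_verify(old, NONCE_B, KEY);
}

/* A response altered in transit (one bit changed). */
response_t tampered_response(void)
{
    uint64_t r = card_response(requestor_challenge(NONCE_A, KEY), 0, KEY);
    return requestor_verify(r ^ 1u, NONCE_A, KEY);
}

int main(void)
{
    static const char *name[] = { "TRUE", "FALSE", "INVALID" };
    printf("card answers TRUE   -> %s\n", name[exchange(NONCE_A, 1, KEY)]);
    printf("card answers FALSE  -> %s\n", name[exchange(NONCE_A, 0, KEY)]);
    printf("card has wrong key  -> %s\n", name[exchange(NONCE_A, 1, OTHER)]);
    printf("old response reused -> %s\n", name[replay_old_response()]);
    printf("response altered    -> %s\n", name[tampered_response()]);
    return 0;
}
```

Detection rests on the cipher: assuming it behaves as a random permutation, an altered ciphertext or one produced under another key decrypts to an unrelated 64-bit value, which equals the original number plus one or plus two with probability of about 2 in 2^64.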
Thus, we have accomplished the two goals stated above. The response is secret and cannot be determined by tapping the communications interface, and any attempt to alter the response can be detected.

The random number generator programmed into the IC card uses an 8-byte counter to create different output values each time the algorithm is called. The counter itself is not the random number; it is simply one variable, and is the one used to cause a different value to appear each time.

The counter is in the secure environment of the EEPROM on the IC card, where its value cannot be seen by the user. Thus, it is not important that the counter actually count upward in the conventional sense. What is really important is that it change each time a new random number is generated, and that it step through a very large number of states. Two to the sixty fourth power is the optimal case for a 64 bit counter, but other very large numbers of states are also acceptable under most circumstances.

The EEPROM is nonvolatile, so the counter value is maintained even when the device is powered off. There is one significant problem with EEPROM, however, in that each memory cell gradually degrades each time it is written, and will eventually fail, for example, after being rewritten 10,000 times.

If we implement a simple counter, the low order bit changes each time the count is incremented. Thus, we would only be guaranteed 10,000 counts before the device failed. This clearly does not meet the needs of the random number generator.

The improved method [illegible] possible values of the counter before the EEPROM fails. The improved method [illegible] does not guarantee all counter values will be different, but it will generate many different values, in a way that cannot be determined from outside the secure environment. It also results in significantly more than the 10,000 cycles possible with the straightforward counter.

The method used updates the counter in a way which will maximize its life. For the EEPROM, this means trying to update each cell of the EEPROM equally often, so all cells will age at an equal rate. This is different from the simple counter, in which low order bits are always updated more frequently than higher order bits.

The method uses the random number itself to index to one of the 64 bits in the counter, then toggles (complements) that bit. The bits of the counter are numbered 0-63, where bit 0 is the low order bit and 63 is the high order bit. The low order 6 bits of the random number are interpreted as a value between 0 and 63, and are used to select the corresponding bit of the counter, which is then toggled. Since the random number generator produces a uniform distribution of values, the 64 bits of the counter are each selected an equal number of times, and none are written more often than any others.

Consider the following simplified example, showing a 16-bit counter and the lower 4 bits of the random number.

Counter                      Random Number bits
0000000000000000 (0)         1100 (bit 12)
[intermediate rows illegible]
0001100000100001 (6177)      0111 (bit 7)
0001100010100001 (6305)

Eventually, if the random number values are truly random, the counter would take on all two to the sixty fourth values. It is unlikely that this will happen in reality, but the majority of the values will be attained.

Ideally, the EEPROM would allow toggling of individual bits so that each counter update would result in only one of the 64 bits being written. In most real EEPROMs, however, the smallest unit that can be written is a byte. Thus, when any bit is toggled, the entire byte containing that bit will be written. The result of this is that each of the eight bytes is written 1/8 of the time. The lifetime of the counter is then 8 times 10,000, or 80,000 counts, rather than the 10,000 possible with a straightforward counter.

FIG. 3 shows a block diagram of the circuitry embodied in card reader 17. The computational heart of card reader 17 is microprocessor 51, connected to a bus 53 for communication with other elements of the card reader. Memory for microprocessor 51 is provided in the form of electrically programmable read/only memory 55 and static random access memory 57. Blocks 51, [illegible] 59 and 65 are enclosed in a secure shielded module with intrusion detection circuitry 59 in order to protect [illegible]. Intrusion detection circuitry [illegible] by way of example, in U.S. patent application Ser. No. 07/405910 of common assignee with this application.

In addition to memory, microprocessor 51 is served by [illegible] the cryptographic adapter card 29 in a workstation 25 (or a network security processor [illegible]) [illegible] standard RS-232 port of a workstation by asynchronous RS-232 interface 61. Primary communication between card reader 17 and its operator is through operator interface [illegible] which includes a keypad, an audible beeper, and light emitting diodes. In addition to operator interface features, the card reader 17 supports a signature pen interface for receiving signals representing the signature of a holder of IC card 19 who [illegible] to obtain services authorized to the genuine holder of card 19. Pen interface circuitry 65 provides the input ports for receiving change of pressure and acceleration signals representing the signature of the person holding the card. This circuitry and supporting programs are defined in more detail in U.S. Pat. Nos. 3,983,535; 4,128,829; 4,553,258; 4,724,542; 4,736,445; and 4,789,934, of common assignee with this application.

The IC card 19 itself is read by circuits 67 which include physical and electrical contacts for connecting the circuitry of FIG. 2 to the bus 53 so that computer microprocessor 51 can act in conjunction with the computer 41 in the card under security programs to transfer information between the card reader and the card.

Referring now to FIG. 4, where the block diagram of the circuits of the cryptographic adapter card 29 is shown, there follows a brief description of each block. The heart of cryptographic adapter 29 is the cryptographic module 31 which provides a tamperproof environment for the encryption processor and storage which contains the cryptographic keys. The cryptographic adapter is controlled by microprocessor 71, using secure memories in the form of random access memory 73 and read/only memory 75. The cryptographic keys are stored in random access memory 73 which is kept active by battery backup circuit 77 and battery 79. In order to thwart an attack on the secure module, battery backup circuit 77 operates under control of tamper protection and detection circuit 81 which detects any attempt to access module 31 by physical attack. The physical and electrical protection of module 31 is set out in greater detail in U.S. patent application Ser. No. 07/405910, of common assignee with this application. Microprocessor 71 uses random access memory 83 which is located outside of the secure module 31, in addition to its secure memory. To prevent access to the contents of secure memory 73 and 75 while microprocessor 71 or encryption processor 85 is performing a secure process, gate 87 opens the connection of bus 89 to its outside extension 91 so that any information on bus 89 cannot be read from outside of module 31 at contacts connecting bus 91.

Turning now to FIG. 5, a block diagram of the hardware and software features of a workstation 23 or 25 is shown. A customer application program 111 runs in a workstation 23 or 25, utilizing security utilities 113 and interfaces with the operating system program in the workstation, using a security application program interface. The security utilities provide for such functions as initializing an IC card 19 or enrolling the reference signatures of a user into the memory of the card. Cryptographic function requests from a customer application program 111 are passed through workstation security service supervisor and router 115 to the security server program 117. Security server program 117 provides the program modules and information, the cryptographic keys needed to perform a specific function, to the cryptographic adapter hardware 29 through a device driver program 119. Example program modules include key management module 121, message authentication code verification 123, message authentication code generator 125, and encipher/decipher functions 127, 129.

The keys used for generation of message authentication codes, encrypting of other keys, and ordinary encryption and decryption tasks can be stored in many places in the secure network. Keys are stored on PC disk memory in encrypted form, encrypted under the master key of one of the security devices, cryptographic adapter 29, card reader 17, or IC card 19. Keys are also stored in the nonvolatile memories of cryptographic adapter 29, card reader 17, and IC card 19.

In those configurations where a workstation has both a cryptographic adapter 29 and an IC card reader 17, security functions relating to the IC card or card reader are requested by customer application program 111 and pass down through the various program interfaces through cryptographic adapter 29 to card reader 17. In those configurations where a workstation has only a card reader and no cryptographic adapter, the card reader is connected to the personal computer of the workstation by asynchronous communication interface 61, shown in FIG. 3, which is represented as a communication line in FIG. 5.

Referring now to FIG. 6, a more detailed block diagram of the circuits and programmed functions residing in network security processor 13 is shown. Network security processor 13 is based upon a personal computer architecture running a special security operating system which prevents the computer from performing ordinary personal computer functions, thereby enhancing security. The security operating system is based upon an IBM Personal Computer Disk Operating System 141 and modified by a multi-tasking program 143. One of the tasks running under multi-tasking program 143 is a host server module 145. Server 145 manages the communications between the network security processor 13 and the host computer 11 through a channel task program 147 and a host channel adapter 149. Of particular importance is another task in the form of security server program 151, performing functions complementary to the security functions performed by the security server 117 in the workstation shown in FIG. 5. This is accomplished by the cryptographic adapter task program 153 and cryptographic adapter device driver program 155 which provide the interface to a cryptographic adapter 29, installed in the personal computer bus of network security processor 13. The IC card reader 17 and its associated IC card 19, attached to the network security processor 13, are used to control access to the network security processor for initializing the security processor, operator services, and maintenance etc. Another function served by the card reader is to accept parts of master keys in secure fashion in order to initialize the security processor. The master key, after being entered in parts, is used to generate other keys for distribution to other devices at other nodes in the secure network.

The directory server task 157 contains the pointers and program routines to allow the security server to access encryption keys and other information needed to perform its cryptographic functions, interfacing with PC DOS file access method programs 159. Log server 161 also is a task which provides for the auditing functions needed by the system. At the top of FIG. 6 are shown blocks 163 which provides installation services programming, 165 which provides initial program loading services, and 167 which provides operator interface programmed functions.

FIG. 7 is a high level view of the processing method which decides whether a user is authorized to execute a particular command. Each test references one or more tables, which are shown attached to the corresponding processing step.

The first step 171 checks whether the command is a universally authorized command. Universally authorized commands listed in table 173 are a fixed, predefined set of commands that are necessary for all users in all situations. They are always allowed, regardless of the user's authority. None of these commands are security-related.

The next two steps 175 and 177 are actually performed together, but are shown separately for clarity. These involve checking whether the current user is authorized to execute the particular requested command. A user's authority is defined by the contents of a related user profile in the table of user profiles 179. The requirements for execution of the selected command are defined in command configuration data table 181 by the execution prerequisites for that command. These two items of information from the tables are examined to determine if the user is permitted to execute the command. These steps are set out in more detail in FIG. 9.

If the user has the authority to execute the selected command, there is one additional step 183 that still must be performed. A programmable table 185 contains a list of dates defined as holidays, and most commands cannot be executed on a holiday. This provides an additional level of security. If the current date is listed as a holiday, all commands except the universally authorized commands are disallowed.

Once it has been determined that the user is authorized to execute a command, the command is decoded at block 187, using the command decode tables 189 shown in more detail in FIG. 10. The command is executed at block 191 of the flow diagram, after which control of the IC card or other security device returns to wait for the next command.
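
The bit-toggling counter update described earlier for the IC card's random number generator, simulated against byte-wide EEPROM writes. This is an added example, not code from the patent: splitmix64 stands in for the card's generator, the function names are hypothetical, and in the 16-bit table walk only the draws 12 and 7 are legible on the page, so the draws 5, 11 and 0 are constructed to agree with its legible counter values.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define COUNTER_BYTES 8

/* Simulated EEPROM: the 64-bit counter as eight byte cells (cell 0 holds bits
   0-7) plus the number of write cycles each cell has consumed. */
typedef struct {
    uint8_t  cell[COUNTER_BYTES];
    uint32_t writes[COUNTER_BYTES];
} eeprom_counter_t;

/* Update from the text: the low-order 6 bits of the random number select one
   counter bit, which is complemented. Only the byte holding it is rewritten. */
void counter_toggle(eeprom_counter_t *c, uint64_t random_number)
{
    unsigned bit = (unsigned)(random_number & 0x3Fu);
    c->cell[bit / 8] ^= (uint8_t)(1u << (bit % 8));
    c->writes[bit / 8]++;
}

/* Straightforward counter for comparison: cell 0 is rewritten on every count. */
void counter_increment(eeprom_counter_t *c)
{
    for (int i = 0; i < COUNTER_BYTES; i++) {
        c->cell[i]++;
        c->writes[i]++;
        if (c->cell[i] != 0) break;      /* no carry into the next byte */
    }
}

/* Write cycles consumed by the most heavily written cell. */
static uint32_t worst_cell(const eeprom_counter_t *c)
{
    uint32_t worst = 0;
    for (int i = 0; i < COUNTER_BYTES; i++)
        if (c->writes[i] > worst) worst = c->writes[i];
    return worst;
}

/* splitmix64, a stand-in uniform source (the card's generator is not shown). */
static uint64_t next_random(uint64_t *state)
{
    uint64_t z = (*state += 0x9E3779B97F4A7C15ULL);
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
    z = (z ^ (z >> 27)) * 0x94D049BB133111CBULL;
    return z ^ (z >> 31);
}

/* Counter updates performed by the time the first cell reaches `limit` write
   cycles. use_toggle selects the improved method or the plain increment. */
uint32_t updates_until_wearout(uint32_t limit, int use_toggle, uint64_t seed)
{
    eeprom_counter_t c;
    uint32_t updates = 0;
    memset(&c, 0, sizeof c);
    while (worst_cell(&c) < limit) {
        if (use_toggle) counter_toggle(&c, next_random(&seed));
        else            counter_increment(&c);
        updates++;
    }
    return updates;
}

/* The simplified table: 16-bit counter, low 4 bits of each random number. */
uint16_t toggle16(uint16_t counter, unsigned random_number)
{
    return (uint16_t)(counter ^ (1u << (random_number & 0xFu)));
}

/* Counter value after the first `steps` draws. Draws 12 and 7 are legible in
   the table; 5, 11 and 0 are constructed to match its values 6177 and 6305. */
uint16_t table_walk(unsigned steps)
{
    static const unsigned draws[5] = { 12, 5, 11, 0, 7 };
    uint16_t counter = 0;
    for (unsigned i = 0; i < steps && i < 5; i++)
        counter = toggle16(counter, draws[i]);
    return counter;
}

int main(void)
{
    printf("table walk: %u, then %u, then %u\n", (unsigned)table_walk(1),
           (unsigned)table_walk(4), (unsigned)table_walk(5));
    printf("plain increment: first cell worn out after %u updates\n",
           (unsigned)updates_until_wearout(10000, 0, 0));
    printf("bit toggle:      first cell worn out after %u updates\n",
           (unsigned)updates_until_wearout(10000, 1, 2024));
    return 0;
}
```

The simulation treats the 80,000 figure as a ceiling: with uniform draws the busiest byte reaches its 10,000th write slightly before the 80,000th update, and never later than update 79,993.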

FIG. 8 represents the relationship between user au- 
thorization profiles 179 and command configuration 
data 181, as they are utilized within the IC card to se- 
curely limit the use of commands, as programmed by a 
designated authority of the application owner. 15 

Each of the user authorization profiles 179 contains a 
command authorization flag bit 197 for each command 
used in any of the system security devices. If the flag bit 
is not set, then the user is not authorized to execute the 
corresponding command. 20 

User authorization profiles 179 also contain some 
number of file and program authorization flags 199. 
When the user profile is downloaded into a workstation 
cryptograhic adapter, each file authorization flag bit is 
associated with a cryptographic data key used for en- 25 
crypting or decrypting a specific file. Similarly, the 
program authorization flag is used to control access to 
specific programs. 

Other data 199, in the user authorization profiles 179, 
specify a level of authority in the exercise of commands, 30 
time of day and day of the week limits, expiration date 
for the user authorization, and other user flags indicat- 
ing the mode for the identification of the user. 

The command configuration data 181 is independent 
of the user authorization profile, but consists of a num- 35 
ber of prerequisite conditions and authorizations for 
each command. There is a unique set of command con- 
figuration data for each of the system security devices in 
the system. 

FIG. 9 is a detailed flowchart showing exactly how 40 
the authorization checking of FIG. 7 is performed. The 
first step 201, as in FIG. 7, is to check the table 173 of 
universally authorized commands. If the command is in 
this table 173, remaining steps are bypassed and the 
command is automatically authorized. 45 

At block 203, the user's user profile 179 is retrieved 
and, at block 205, the command configuration data 181 
for the selected command is retrieved. These are used in 
performing most of the remaining checks. If the com- 
mand unavailable flag is found, at block 207, to be set in SO 
the command configuration data 181, the command is 
not authorized and the remaining steps are bypassed. 

If the secure session required flag is found at step 209 
to be set in the command configuration data 181, the 
command is not authorized unless a secure session is
determined at block 211 to be in effect with the sender
of the command. This has the effect of allowing the
command only if the sender of the command has been
verified as an authentic system component or device, as
for example, an IC card or cryptographic adapter, etc. A
secure session cannot be established between two com- 
ponents that do not share certain common crypto- 
graphic keys installed by the owner. 

If block 213 determines that the initial verification 
required flag is set in the command configuration data
181, the user must have verified his identity at some
time during the current session, or the command will
not be allowed. This is tested at block 215. He may have
verified his identity by entering his PIN, or by using
signature verification, or some other external means. 
The methods he can use for verification are controlled 
by the verification method identifier in his user profile. 

If the pre-execution verification required flag is set 
(block 217) in the command configuration data 181, the 
user must re-verify his identity before each time the 
command is executed. Block 219 tests whether the user 
has re-verified his identity in order to use this command. 
If this flag is set and the user has not re-verified for 
execution of the command, it will not be allowed. 

Block 221 determines if the disable time limits flag is 
set in the command configuration data 181. If it is set, 
the time of day, date, and day of week checking at block 
223 is bypassed for the command. If the flag is not set, 
the time of day limits, expiration date, and valid days of 
week fields in the user profile are compared to the current
time, date, and day of week to determine if the
command is allowed. If any of these are not satisfied, 
the command is not allowed and further checks are 
bypassed. 

If the current date is found at block 225 to be listed as 
a holiday in the programmable holiday table, the com- 
mand is not allowed. The user's authority level in his 
user profile is compared at blocks 227, 229 and 231 to 
the authority level required to authorize the selected 
command, which is contained in the required authority 
level field of the command configuration data 181. If 
the authority exact match flag is set in the command 
configuration data, the user's authority level must be 
exactly equal to the required authority level for the 
command to be allowed. If the authority exact match 
flag is not set, the user's authority level must be greater 
than or equal to the required authority level for the 
command to be allowed. 

Each user's user profile contains a set of command 
authorization flags defining which commands that user 
is excluded from executing. If the requested command is 
not authorized in the user's command authorization 
flags, execution is not allowed by the logic in block 233. 

Each user's user profile contains a verification failure
count which counts the number of consecutive verifica- 
tion failures, either by PIN or by signature verification, 
or another external means. Each profile also contains a 
programmable verification failure limit, defining the 
number of consecutive verification failures the user is 
permitted before he is locked out. At block 235, the 
user's verification failure count is checked to see if it is 
greater than or equal to his verification failure limit, and 
if so, the command is not allowed. 
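
The sequence of checks in FIG. 9, written out as an added example (not code from the patent). Field layouts, bit values, the YYYYMMDD date encoding and the reason codes are assumptions; the holiday check is applied whether or not the disable time limits flag is set, since the text does not say that the flag bypasses it.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Flags of the command configuration data 181 (bit values are assumed). */
enum { CMD_UNAVAILABLE = 1, CMD_SECURE_SESSION = 2, CMD_INITIAL_VERIFY = 4,
       CMD_PREEXEC_VERIFY = 8, CMD_NO_TIME_LIMITS = 16, CMD_EXACT_LEVEL = 32 };

typedef struct { uint8_t flags, required_level; } cmd_config;

typedef struct {                      /* user authorization profile 179 */
    uint8_t  authority_level;
    uint32_t command_flags;           /* bit n set: command n permitted */
    uint16_t from_minute, to_minute;  /* time-of-day window, minutes after 00:00 */
    uint8_t  valid_days;              /* bit d set: weekday d permitted, 0 = Sunday */
    uint32_t expires;                 /* YYYYMMDD */
    uint8_t  fail_count, fail_limit;  /* consecutive verification failures */
} user_profile;

typedef struct {                      /* session state and current clock */
    bool     secure_session, verified, reverified;
    uint32_t date;                    /* YYYYMMDD */
    uint16_t minute;
    uint8_t  weekday;
} session_state;

typedef enum { ALLOW, DENY_UNAVAILABLE, DENY_SESSION, DENY_VERIFY, DENY_REVERIFY,
               DENY_TIME, DENY_HOLIDAY, DENY_LEVEL, DENY_COMMAND, DENY_LOCKED } verdict;

/* Returns ALLOW, or the first check that fails, in the order of blocks 201-235. */
verdict authorize(unsigned cmd, uint32_t universal, const cmd_config *cfg,
                  const user_profile *u, const session_state *s,
                  const uint32_t *holidays, size_t n_holidays)
{
    if (cmd >= 32) return DENY_COMMAND;          /* outside the 32-bit flag words */
    if (universal & (1u << cmd)) return ALLOW;                      /* 201 */
    if (cfg->flags & CMD_UNAVAILABLE) return DENY_UNAVAILABLE;      /* 207 */
    if ((cfg->flags & CMD_SECURE_SESSION) && !s->secure_session)    /* 209, 211 */
        return DENY_SESSION;
    if ((cfg->flags & CMD_INITIAL_VERIFY) && !s->verified)          /* 213, 215 */
        return DENY_VERIFY;
    if ((cfg->flags & CMD_PREEXEC_VERIFY) && !s->reverified)        /* 217, 219 */
        return DENY_REVERIFY;
    if (!(cfg->flags & CMD_NO_TIME_LIMITS) &&                       /* 221, 223 */
        (s->date > u->expires || !(u->valid_days & (1u << s->weekday)) ||
         s->minute < u->from_minute || s->minute > u->to_minute))
        return DENY_TIME;
    for (size_t i = 0; i < n_holidays; i++)                         /* 225 */
        if (holidays[i] == s->date) return DENY_HOLIDAY;
    if (cfg->flags & CMD_EXACT_LEVEL) {                             /* 227-231 */
        if (u->authority_level != cfg->required_level) return DENY_LEVEL;
    } else if (u->authority_level < cfg->required_level) {
        return DENY_LEVEL;
    }
    if (!(u->command_flags & (1u << cmd))) return DENY_COMMAND;     /* 233 */
    if (u->fail_count >= u->fail_limit) return DENY_LOCKED;         /* 235 */
    return ALLOW;
}

int main(void)
{
    /* Constructed sample: level-5 user, Mon-Fri 08:00-18:00, command 7 permitted. */
    user_profile  u = { 5, 1u << 7, 8 * 60, 18 * 60, 0x3E, 19921231, 0, 3 };
    session_state s = { true, true, false, 19920915, 10 * 60, 2 };
    cmd_config  cfg = { CMD_SECURE_SESSION | CMD_INITIAL_VERIFY, 3 };
    uint32_t holidays[] = { 19921225 };

    printf("normal request: %d\n", authorize(7, 0, &cfg, &u, &s, holidays, 1));
    cfg.flags |= CMD_EXACT_LEVEL;  /* level 5 no longer satisfies required level 3 */
    printf("exact match:    %d\n", authorize(7, 0, &cfg, &u, &s, holidays, 1));
    return 0;
}
```

Two consequences of the ordering are visible in the code: a universally authorized command is allowed even for a locked-out user, and the exact match flag denies a user whose authority level is higher than required.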

Referring to FIG. 10, the method of command de- 
coding in the IC card is shown. This method employs 
two command decoding tables: one 241 in the micro- 
processor ROM, which is fixed, and another 243 in the
electrically erasable programmable read only memory 
(EEPROM), which is programmable. The table 241 in 
ROM defines the default subroutine address to be called 
for each of the possible commands. The table 243 in 
EEPROM can be loaded with new addresses, which 
will override those in the ROM table. The method 
allows one to load new commands into EEPROM, or to 
load replacements for commands in the ROM, and to 
use the EEPROM table to cause these downloaded 
commands to be executed in place of the commands in 
the ROM. Whenever a command is to be executed, the 
address is first read from table 245 in EEPROM. If 
block 245 in FIG. 10 determines that the address from 
the table 243 is not zero, it is used as the address of the 
subroutine to process the requested command. If the
address is zero, an address is read from the table 241 in
ROM and the address read from ROM is used for the
subroutine to process the command. Thus, any ROM
command subroutine can be replaced by inserting a
non-zero address into the table 243 in EEPROM.

FIG. 11 shows the format used on the IC card to
store data blocks. Data blocks are a general purpose
means for defining and managing user or system data
areas in the IC card non-volatile memory. Data is written
to the blocks and read from the blocks. There are
many options and features to keep the data secure from
attacks.

251 in FIG. 10 shows the overall layout of data
blocks in the IC card EEPROM memory. The low
portion of the memory is reserved for information that
is not related to the data blocks. All memory above this
fixed, predefined data is available for the definition of
data blocks. They are allocated in contiguous segments
of the memory. The first data block defined occupies
memory starting immediately after the fixed data, the
block consists of two parts, a header and a data area.
The header contains control information related to the
block, and the data area contains the data which is written
to and read from the block. The information in the
header is defined when the block is allocated. The data
area is of a fixed size once the block has been defined by
one of the users.

255 shows the contents of the block header. The
block ID is an eight byte field used to identify the block.
It is passed to the card with all data block commands in
order to identify the block of interest. Any eight byte
value is permitted. The token is a secret value used to
authorize access to the data in the block. The user must
pass the correct token to the IC card with each data
block command in order to be granted access to the
block. The token is similar to a password for access to
the block. It is defined by the user at the time the block
is allocated. In order to protect the block ID and token
from disclosure, they can be encrypted under the session
key when they are transmitted to the IC card.

The data length field in 255 defines the number of
8-byte paragraphs in the data area of the block. A value
of 1 indicates that there are 8 bytes in the data area, a
value of 2 indicates there are 16 bytes, and so on.

A checksum is stored in the header 255 to allow verification
of data integrity in the data portion of the block.
The checksum is calculated from the data each time it is
written, and the checksum is verified each time the data
is read. If the checksum indicates there is an error in the
data read, the data is still returned to the requester, but
a warning code is returned to inform the requester of
the error condition.

The header 255 contains read authorization flags and
write authorization flags for each user profile. Each of
the possible IC card users can be given read only access,
write only access, read/write access, or no access to
each data block individually.

The header also contains a minimum authority level
which is compared with the authority level in the user's
profile. The user's authority level must be greater than
or equal to the minimum authority level in the block
header in order for that user to be granted access to the
block.

A set of flags 257 in the block header 255 defines
various security features for the block. The verification
required flag, if set, indicates that the user must have
verified his identity before he can be granted access to
the block. The user can verify his identity with PIN or
with signature verification or another external verification
means. A hidden block flag, if set, indicates that the
block will not be listed when the user requests a list of
the blocks that exist on the IC card.

A secure session required flag, if set in 257, indicates
the block cannot be accessed from a device unless
the device has a secure session in effect with the IC
card. A session key encryption required flag, if set in
257, indicates that all data transmitted to the card for
writing in the block, or transmitted [illegible]
read from the block, will be encrypted using the session
key established between the IC card and the device
[illegible]. If the [illegible] flag in 257 is set, the block token
must be passed to the IC card encrypted [illegible]
the token using [illegible] correct token [illegible].
This has the effect of protecting the block from either
read or write access, unless the requester [illegible] the
correct key.

A typical method for protecting data using encryption
is to encrypt the data itself when it is stored. The
correct key must be used when it is read back and decrypted
in order to retrieve meaningful data. This protects
against reading by those who do not possess the
secret key. It has two disadvantages, however. First, it
requires the overhead of encrypting and decrypting the
data, which can be time consuming for large data
blocks. Secondly, it only protects the read operation.
The data can still be overwritten by someone who does
not [illegible] the key, although the data written might not
be meaningful.

The secured block concept employed in the IC card
described here is a superior alternative to simple encryption
of the data in the block. It requires far less
encryption overhead, and also protects both reading
and writing of the data block. The method encrypts the
block token when it is sent to the IC card, rather than
encrypting the data itself. The IC card decrypts the
token, and if the user does not possess the correct cryptographic
key, the IC card will recover a token value
that does not match the token stored in the block
header. Access to the block, either in read or write
mode, will then be denied. Only encryption of the eight
byte token is required.

Note that storing the data in encrypted form is not
required in the IC card. The data is stored in the EEPROM,
which is a secure environment. The only need
for encryption of the data is when it must be protected
as it passes over the interface to the IC card. For that
purpose, the IC card can accept data encrypted under
the session key for the write operation, and can encrypt
outgoing data under the session key for the read operation.

A summary of the classes of default commands that
can be executed by the security component devices is
shown in FIG. 12. In the IC card, for example, additional
and different commands can be downloaded to the IC
card device in order to perform additional functions as
they are found to be needed.

FIG. 13 describes a method of cryptographic key
initialization of the system security component devices
of the system of the invention. Reference is made also to
FIG. 1.

The host CPU 11 responsible for overall key management
for the system or network contains in its network
security processor 13 a host master key under which the
master node keys for all other network node devices are
encrypted. The host master key is generated manually
by a privileged and responsible individual (security
administrator) in a highly secure and protected environment.

The host master key may be entered into the network
security processor 13 in several different ways. Using
IC cards 19 with the highest level of authority in its user
authorization profile, the security administrator generates
master key parts on his IWS 25, incorporating a
cryptographic adapter 29 and IC card read/write unit
17, and then enters the host master key parts into the
network security processor 13, using its attached IC
card read/write unit 17. This is accomplished through
the use of commands defined under a common cryptographic
architecture specifying the cryptographic
structure, commands and operation of all system security
component devices in the system of the invention.
The common cryptographic architecture is described in
great detail in co-pending U.S. patent application Ser.
Nos. 231,114; 233,575; 237,938; 238,010 and 344,165.
Alternatively, the security administrator may enter the
host master key into the network security processor 13
directly through the PIN pad keyboard of the IC card
read/write unit under the authorization profile loaded
into it from the security administrator's IC card.

The next step in the process of cryptographic key
initialization of the system or network is to generate
network node master keys encrypted under the host
master key. Toward maximization of security in the
transportation of the node master keys from the network
security processor 13 to the remote network
nodes, the node master keys are generated in parts and
each part written into the secure memory of separate IC
cards 19. This step is shown at block 311 in FIG. 13.
Only after the key parts are sequentially imported from
the pair of IC cards 19 containing the key parts to another
system security component device, and cryptographically
assembled, is the node master key usable.
Importing or loading the key parts into other node
devices is shown at steps 313 and 315 in FIG. 13.

After all system or network nodes have been so initialized
with master node keys, node key encrypting
keys may be generated by the central network security
processor 13 under control of the key management
application program running on the host CPU 11, and
encrypted under the specific node master key which is
held within a secure key directory in the network security
processor 13. Other secondary keys such as data
keys for specific purposes, may then be transported
through the system facilities, encrypted under a node's
key encrypting key. This step appears at block 317 in
FIG. 13. Transportation of these keys is effected
through the host computer 11, as shown by step 319 to
the system or network communications facilities. The
secondary keys are downloaded at steps 321 and 323 in
a secure session to each node represented by a security
component device such as a cryptographic adapter 29
or an IC card read/write unit 17. Depending on the key
management structure in the application, the need for
data keys, to be held in common between the central
network security processor 13 and other system or
network nodes, and the level of key management control
delegated to the system or network node, the secondary
keys may include data keys for safeguarding the
files and programs of the node device. Alternatively,
these keys could be generated locally at the node under
the node master key.

FIG. 14 illustrates the off-line intelligent work station
(IWS) logon procedure in the system of the invention,
using the system security component devices described
in FIGS. 1 through 5 of this invention. Reference is
made to FIG. 1 for devices identified therein.

When the user inserts the user's IC card, step 325,
into the IC card read/write unit 17, those two devices
establish a secure session between them in step 327. This
action occurs transparently to the user, is built on the
existence of a cryptographic processor in both devices,
and results in a unique session key. When the secure
session has been established, the cryptographic adapter
29, if it is present in the IWS, is advised by the IC card
read/write unit 17 that the secure session has been established.
At step 329, action is then initiated to establish
a similar secure session between the IC card 19 and
the cryptographic adapter 29. At the conclusion of that
action, the IC card is in secure session with both of the
other devices. The cryptographic adapter will attempt
to establish a secure session with the reader at initialization
of the cryptographic adapter. In the process of
establishing secure sessions among these devices, the
authenticity of each device is verified.

The next step in the logon procedure is to verify the
identity of the user person to the IWS. FIG. 14 illustrates
two methods of user verification: one based on
the use of a secret pin verification number (PIN); and
another based on the comparison of dynamic signature
pattern data of a verification signature with that of
reference signatures prerecorded in the IC card. Because
the latter procedure is inherently less susceptible
to compromise and more costly to implement than the
former, the choice between the two reverts to a value
judgment for each application.

The PIN verification is initiated at step 331 by a
prompt to the user to enter the user PIN on the PIN pad
of the IC card read/write unit 17. Within this unit, the
PIN and a random number are encrypted using the
session key, and passed across the protected interface to
the IC card 19. Within the IC card 19 at step 333 the
received quantity is decrypted, the random number is
separated from the PIN, the PIN is verified against the
user PIN stored in the IC card. Based on the result of
the verification attempt, the random number is incremented
by either a 1 or a 2 and encrypted to provide a
protected response to the IC card read/write unit.

Alternatively, signature verification is initiated at step
335 by a request from the cryptographic adapter 29 to
the IC card 19 to download the user's signature reference
data. In the IC card, the signature reference data is
read from secure memory, encrypted, and passed
through the IC card read/write unit 17 to the cryptographic
adapter 29, where it is decrypted at step 337 and
held in memory.

The user is then prompted at step 339 to write a verification
signature, and using the signature verification
pen 21 attached to the IC card read/write unit 17, the
user writes a signature. The analog signals from the pen
are digitized and encrypted and passed across its
protected interface to the cryptographic adapter 29, where
the signature data is decrypted and placed in memory. 
Within the cryptographic adapter at step 341, the dy- 
namic signature verification algorithms described in 
U.S. Pat. No. 4,724,542 are invoked to effect a confident 
match of the verification signature data against the 
multiple reference signature data sets. 
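
The PIN verification exchange of steps 331 and 333 (the secure boolean response of claim 1), as an added example that is not code from the patent. XTEA stands in for the session-key cipher, and the block layout, the choice of +1 for a verified PIN and +2 for a failed one, and the sample values are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* XTEA (64-bit block, 128-bit key, 32 rounds): assumed stand-in cipher. */
static void xtea(uint32_t v[2], const uint32_t k[4], int decrypt)
{
    const uint32_t delta = 0x9E3779B9u;
    uint32_t v0 = v[0], v1 = v[1], sum = decrypt ? delta * 32u : 0u;
    for (int i = 0; i < 32; i++) {
        if (decrypt) {
            v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
            sum -= delta;
            v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        } else {
            v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
            sum += delta;
            v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
        }
    }
    v[0] = v0; v[1] = v1;
}

typedef enum { RESP_TRUE, RESP_FALSE, RESP_INVALID } response;

/* Read/write unit, step 331: encrypt the entered PIN together with random r.
   r has to be fresh and unpredictable for every exchange. */
void reader_request(const uint32_t ks[4], uint32_t pin, uint32_t r, uint32_t out[2])
{
    out[0] = pin; out[1] = r;
    xtea(out, ks, 0);
}

/* IC card, step 333: decrypt, split off r, verify the PIN, answer r+1 or r+2. */
void card_respond(const uint32_t ks[4], uint32_t stored_pin,
                  const uint32_t req[2], uint32_t out[2])
{
    uint32_t m[2] = { req[0], req[1] };
    xtea(m, ks, 1);
    out[0] = m[1] + (m[0] == stored_pin ? 1u : 2u);
    out[1] = 0;                        /* fixed padding, checked by the reader */
    xtea(out, ks, 0);
}

/* Read/write unit: decrypt the answer and compare it with its own r. */
response reader_check(const uint32_t ks[4], uint32_t r, const uint32_t resp[2])
{
    uint32_t m[2] = { resp[0], resp[1] };
    xtea(m, ks, 1);
    if (m[1] != 0) return RESP_INVALID;         /* wrong key or altered block */
    if (m[0] == r + 1u) return RESP_TRUE;
    if (m[0] == r + 2u) return RESP_FALSE;
    return RESP_INVALID;                        /* answer to some other r */
}

int main(void)
{
    /* Constructed session key, PIN and random numbers. */
    const uint32_t ks[4] = { 0x01234567u, 0x89ABCDEFu, 0xFEDCBA98u, 0x76543210u };
    uint32_t req[2], resp[2];

    reader_request(ks, 1234, 0xA5A5F00Du, req);
    card_respond(ks, 1234, req, resp);
    printf("correct PIN, fresh r: %d\n", reader_check(ks, 0xA5A5F00Du, resp));
    printf("same answer replayed: %d\n", reader_check(ks, 0x0BADC0DEu, resp));
    return 0;
}
```

Because the answer is a function of the fresh random number, a response recorded in one exchange does not verify in another, which a fixed encrypted yes or no would.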

Thus far in the off-line logon process, the authenticity 
of the security component devices has been validated
and the user person's identity has been verified to the 
IWS. It remains to establish, within the security compo- 
nent devices of the IWS, the authorization to access 
IWS resources within time-of-day/day-of-week limits 
and more specifically to exercise the command set of 
the device, to utilize files and programs within the IWS. 

Requests from the card reader 17 and the crypto- 
graphic adapter 29 to the IC card 19 would result at step
343 in the downloading of the user authorization profile
to the IC card read/write unit 17 and to the crypto-
graphic adapter 29. Then, as described in detail with
FIGS. 7, 8 and 9, the user verification profile, the com-
mand configuration data and cryptographic keys com- 
bine at steps 345 to control the use of commands, files 
and programs throughout the session. 

On logoff, the user authorization profile that had been
downloaded from the user's IC card to the cryptographic
adapter is removed at step 347, and the cryptographic
adapter reverts to its default profile.

FIG. 15 illustrates the intelligent work station (IWS) 
on-line logon procedure, utilizing the cryptographic
adapter as the only system security device in the IWS. 

Through the communications facilities in the IWS 25 
and the host CPU 11, a secure session is established 
between the cryptographic adapter 29 in the IWS and 
the network security processor 13. As it is in the off-line
logon procedure described in connection with FIG. 14,
the establishment of the on-line secure session is trans- 
parent to the IWS user. 
User identification with this IWS configuration is
initiated at step 351 by the entry of the user's password
at the IWS keyboard in response to a prompt message.
The logon password is verified at step 353 in the network
security processor 13 against its directory of authorized
users. A positive verification results in the
retrieval at step 355 of the user authorization profile
from the directory. The profile is then encrypted under
the session key created for the session and the encrypted
profile is downloaded at step 357 to the cryptographic
adapter 29 in IWS 25.

The IWS 25 may then continue to operate in an on-line
mode with the host CPU 11 as a continuation of the
same secure session or under a subsequent secure session.
The IWS may also revert to an off-line mode represented
in step 357 in which the user authorization
profile downloaded from the network security processor
13, the common configuration data resident in the
cryptographic adapter 29 of the IWS 25, and the secondary
cryptographic keys previously established in the
cryptographic adapter all serve to control the use of
commands, files and programs in the IWS. As in the
off-line case, logoff at step 359 results in the removal of
the downloaded user authorization profile and substitution
of the default profile.

While the invention has been described with reference
to a preferred embodiment thereof in the form of a
transaction security system including an IC card, it will
be apparent to those skilled in the art of computer system
design that the principles, methods, and apparatus
of the invention can be applied in other environments to
enhance the security and prevent fraud.

What is claimed is:

1. The method of communicating a secure boolean
response comprising the steps of:

a) generating a random number in a security device;

b) encrypting said random number under a key;

c) sending said encrypted random number to another
security device;

d) decrypting said encrypted random number in said
another security device;

e) modifying said random number by a first function
if said response is true;

f) modifying said random number by a second function
if said response is false;

g) encrypting said modified random number;

h) sending said encrypted modified random number
to said first security device;

i) decrypting said encrypted modified random number
at said first security device; and

j) comparing said modified random number with said
random number to determine said response.

2. The method of changing a value used in the generation
of a random number in a security device of the
type having a value storage means which can be written
a limited number of times before becoming unreliable,
comprising the steps of:

generating a random number by encryption using said
value;

using a portion of said random number to select a
random part of said value for change;

changing only said random part of said value in said
storage means;

leaving unchanged a remainder of said value in said
storage means;

whereby said value in said storage means may be
changed substantially more than said limited number
of times before said storage means becomes
unreliable.